Campaign Review

In Campaigns we have created and configured are available for us to run them.

On the Review Campaign tab, we can view all active (In Progress) and Completed Campaigns.

Let's start by selecting an active Campaign (marked with an arrow below).

an In Progress Campaign is marked with an arrow

This is the beginning of an Active Campaign.

At the top, next to the Campaign's name, we see a 'Terminate' button, terminating the current Campaign (it can still be run again from the start, in the Campaign Config tab).

Under it, we see the Campaign's pipeline which consists of 6 stages.

1. Managers

On the first stage of the Campaign, Managers are requested to review their subordinates' Application permissions and decide whether to let them:

  1. Keep their existing permissions.

  2. Delete the account from the Application

  3. Revoke and explain which changes should be made to an Account's permissions.

To distribute the workload between staff, each manager automatically receives their direct subordinates to manage their permissions in the portal, according to the Organization Tree.

An employee with no supervisor connected above it in the Tree, is under our responsibility as an Access Manager to manage their permissions (inside the Campaign review page).

For example: in an Organization with 5 employees, where each employee is directly under another employee in a direct connection line, each employee is responsible for managing only the employee under him\her, and we are responsible for managing the employee on top of the tree, here inside the Campaign's review page.

In a company with 100 employees where every 10 employees are on the same Tree level, each Manager group are responsible for 10 employees (directly under them).

Circled bellow, we see a User's roles (permissions) in the Campaign's assigned Applications.

By clicking on each permission we can view its details.

Marked with an arrow below is the 'Add Justification' button, allowing us to add reasoning behind our Status selection.

the Campaign's Managers stage

Below is the view window when clicking on a permission.

the View Permission window

Below is the 'Add Justification' window.

Write a Justification and click on 'Save'.

the 'Add Justification' window

After managing our direct subordinates, we'll click on the 'Verify Changes' button (marked with an arrow below) to move on to the second stage.

the 'Verify Changes' button is marked with an arrow

2. Vendors

Here, if we have configured a Campaign to be linked to an existing Vendor, the Vendor's owner is required to review all Accounts by themselves, and add their own Keep/Revoke/Delete selections for the Applications' Accounts.

the Vendor Owners stage

In the example below, we have no Vendor owner, that means we need to go through all Accounts ourselves, and remember to click on the 'Verify Changes' button (marked with an arrow below) to save any made changes.

the 'Verify Changes' button is marked with an arrow

3. Execution

On the third stage, after Managers and Vendor Owners have done their research and sent us their reviews, it's up to us to view all Keep, Revoke, and Delete selections and make the appropriate changes to the Applications' Accounts.

Below we can view the Manager's and the Vendor Owner's selections for John's user.

Circled below, we can click the 'View Justification' button to understand why John's manager revokes John's permissions, while the Vendor owner approves of keeping them.

the 'View Justification' button is circled

After making all appropriate actions to our Applications users, we'll click on the 'Execution Complete' button (marked with an arrow below).

the 'Execution Complete' button is marked with an arrow

4. Verify

This crucial stage notifies Managers and Vendor Owners that our Execution stage is complete, and that they should view changes made and verify that the current user permissions, after made changes, are acceptable.

Circled below, we see the Verify and Decline changes buttons.

These options are available to every Manager and Vendor Owner who submitted changes during the previous stages.

It is available to us in the Campaign Review page, as explained in the first stage paragraph above, because we are also Managers for employees with no supervisor on the Organization Tree.

the Verify stage

If the Vendor Owner has declined the changes made, the Campaign will go back to Stage 3: Execution, and a 'Show Revoke Reason' button (marked with an arrow below) will become available, allowing us to view the Decliner's comments on why they declined our changes.

The third and fourth Stages can go back and forth until all parties accept Accounts' Permissions changes.

back to the 3rd Stage, the 'Show Revoke Reason' button is marked with an arrow

Again, completing the Execution stage gets us to the Verify stage.

Once the changes made are reviewed and verified by the Vendor Owner, we continue to the Sign stage.

back to the Verify Stage, the Verify and Decline options are circled

5. Sign

On this stage, the Signer we assigned needs to sign the Campaign's PDF of changes and permission approvals.

The Signer can find the signature box in his Staff tab (on the Employee Portal)

waiting for the Sign stage to be complete, the View PDF button is marked with an arrow

On the Signer's Staff tab (Employee Portal), the View Document button is marked with an arrow below.

After signing in the interactive sign field, click on the Save button (circled below).

the file signing page on the Staff tab

Back on the Campaign's page, we can see that all Stages are complete.

The signed Campaign file was automatically uploaded as Evidence.

on the Campaign's page, all stages are complete

On the Review Campaign page, we see the Completed Campaign as a part of our Campaign list.

the Review Campaign list tab

To return to the Access Management Guide hub, click here.

To return to the main guide hub, click here.

PreviousCampaign ConfigurationNextDuties

Last updated